IGD Working Committee Update Ulhas Warrier Chair, IGD Intel Corporation.
IGD Working Committee Update
Ulhas Warrier
Chair, IGD
Intel Corporation
Outline
IGD v1.0 recap
IGD v2.0 objectives
WLAN Enrollment Scenario
Working Committee Status
Internet Gateway Device 1.0
v1.0 approved in Nov 2001
Several IGD products in the market
Different connection types supported: PPPoE, PPPoA, IP-Routed
Multiple WAN connections
Access to gateway info: data rate, connection status
Automatic NAT-traversal
UPnP IGD Example for NAT traversal
Diagram labels: Game Host with private LAN IP address (Home LAN), IGD (NAT using WAN address), Peer Game System on Internet
Tell peer to send packet to LAN address
Routing to private LAN address fails
Discover IGD, Get WAN IP address
Configure IGD to forward packets arriving on the IGD WAN address to host
Tell peer to send packet to IGD’s WAN address
End to end packet delivery
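The NAT traversal steps on the slide above, written out as the messages a control point would build (an added example, not part of the original slides). It assumes the IGD v1 WANIPConnection:1 service; the port 27015, the LAN address 192.168.1.20, the mapping description and the sample response are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

IGD_DEVICE = "urn:schemas-upnp-org:device:InternetGatewayDevice:1"
WANIP_SERVICE = "urn:schemas-upnp-org:service:WANIPConnection:1"
SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"

def ssdp_search():
    """Step 1 (discover IGD): M-SEARCH datagram for multicast 239.255.255.250:1900."""
    return ("M-SEARCH * HTTP/1.1\r\n"
            "HOST: 239.255.255.250:1900\r\n"
            'MAN: "ssdp:discover"\r\n'
            "MX: 2\r\n"
            f"ST: {IGD_DEVICE}\r\n\r\n").encode("ascii")

def soap_request(action, args):
    """Return (SOAPACTION header value, envelope) for a WANIPConnection action."""
    body = "".join(f"<{k}>{escape(str(v))}</{k}>" for k, v in args.items())
    envelope = ('<?xml version="1.0"?>'
                f'<s:Envelope xmlns:s="{SOAP_NS}" '
                's:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
                f'<s:Body><u:{action} xmlns:u="{WANIP_SERVICE}">{body}</u:{action}>'
                '</s:Body></s:Envelope>')
    return f'"{WANIP_SERVICE}#{action}"', envelope

def add_port_mapping(ext_port, proto, host_ip, host_port, lease=3600):
    """Step 3: forward packets arriving on the WAN address to the LAN host."""
    return soap_request("AddPortMapping", {
        "NewRemoteHost": "", "NewExternalPort": ext_port, "NewProtocol": proto,
        "NewInternalPort": host_port, "NewInternalClient": host_ip,
        "NewEnabled": 1, "NewPortMappingDescription": "game host",
        "NewLeaseDuration": lease})  # seconds; 0 would mean no expiry

def parse_external_ip(response_xml):
    """Step 2 (get WAN IP): read NewExternalIPAddress from the SOAP response."""
    node = ET.fromstring(response_xml).find(".//NewExternalIPAddress")
    if node is None or not node.text:
        raise ValueError("no NewExternalIPAddress in response")
    return node.text.strip()

# Constructed sample response (203.0.113.7 is a documentation address).
SAMPLE_RESPONSE = (f'<s:Envelope xmlns:s="{SOAP_NS}"><s:Body>'
                   f'<u:GetExternalIPAddressResponse xmlns:u="{WANIP_SERVICE}">'
                   '<NewExternalIPAddress>203.0.113.7</NewExternalIPAddress>'
                   '</u:GetExternalIPAddressResponse></s:Body></s:Envelope>')

if __name__ == "__main__":
    print(parse_external_ip(SAMPLE_RESPONSE))
    print(*add_port_mapping(27015, "UDP", "192.168.1.20", 27015), sep="\n")
```

The address returned in step 2 and the external port from step 3 are what the host then gives the peer, matching the last step on the slide.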
Committee formed in Q2 2002
Two-fold Charter:
Future IGD needs – IGD DCP
802.11 access point configuration – AP DCP
Current focus mostly on AP DCP
Completion targeted by Q1 ’03
First plugfest in October 2002
Group has weekly teleconference meetings
Current active participants – Broadcom, GlobeSpanVirata, Intel, LG, Microsoft, Thomson
Internet Gateway Device 2.0
IGD DCP 2.0
IPv6 support: existing services modified for IPv6; new services – firewall configuration
IGD v1 enhancements: support for configuring IP Forwarding; port mapping additions
Access Point DCP
Simplify Access Point setup: initial configuration; diagnostic information
Make enrollment of new clients easy: devices with no UI; guest clients; additional access points
Enable deployment of stronger link security: privacy important as WLAN usage increases; make link security setup easy, including 802.1x
Access Point UPnP Services
WLANAccessPointDevice
WLANConfigurationService (required)
WLANAuthenticationService (conditionally required)
DeviceSecurity (required)
AP Configuration Service
Common way to programmatically access AP information:
SSID
AP mode – repeater or not
Valid channel set
Physical location of the access point: longitude-latitude, location address as in street, city, state, zip
Auto-fallback rate, possible data rates
WEP encryption level, default WEP key, WEP keys (1 to 4)
Configuration status
Total number of connected clients
Some of the configuration actions will be secured, e.g. setting of WEP key
AP Authentication Service
Maintains WLAN client list: username, credentials (password), access restrictions
Simple, common interface to update client list
Notifies user of authentication attempt from new clients
All actions will be secured
Enrolling an 802.11 Client
Username: __Dev1__ Password: ________
User prompted on PC1 for 802.1x authentication password
User enters info provided by Dev1 vendor (chassis/manual)
PC1 informs AP about successful validation
Console PC
Device without UI easily enrolled into secure WLAN
Dev1, PC1, Secure UPnP
Secure 802.11 link established
Setting up Console PC
Assumption: PC1 has built-in AP control point software
Assumption: AP has ‘first login info’ and ‘AP ID’ made available to user
Username: ________ Password: ________
User prompted for 802.1x authentication information
User can configure AP securely from PC1 anytime
User enters info given by AP vendor (chassis/manual)
AP identifier string displayed to user
Secure 802.11 link established
AP ID : WLP1234
Secure UPnP established
PC1 becomes the ‘secure console’ for AP
PC1
Access Point DCP Status
Configuration Service 0.45: ready for first plugfest; repeater setup next focus
Authentication Service 0.2: discussion on optional/required status
Alignment work with other forums: SSN and IEEE TGi; WECA
Dependency on UPnP Security
Demo
Enrolling into secure WLAN
For the interconnected lifestyle